User-Driven Access Control: Rethinking Permission ... - CiteSeerX

Extrait du fichier (au format texte) :

User-Driven Access Control:
Rethinking Permission Granting in Modern Operating Systems
Franziska Roesner, Tadayoshi Kohno
{franzi, yoshi}@cs.washington.edu
University of Washington

Alexander Moshchuk, Bryan Parno, Helen J. Wang
{alexmos, parno, helenw}@microsoft.com
Microsoft Research, Redmond

Crispin Cowan crispin@microsoft.com
Microsoft
Abstract

tionality and security for access to the user s data and resources. From a functionality standpoint, isolation inhibits the client-side manipulation of user data across arbitrary applications. For example, the isolation of web sites makes it difficult to share photos between two online providers
(e.g., Picasa and Flickr) without manually downloading and re-uploading them. (While two such applications can prenegotiate data exchanges through IPC channels or other APIs,
requiring every pair of applications used by a user to prenegotiate is inefficient or impossible.) From a security standpoint, existing access control mechanisms tend to be coarsegrained, abrasive, or inadequate. For instance, they require users to make out-of-context, uninformed decisions at install time via manifests [3, 6], or they unintelligently prompt users to determine their intent [5, 20].
Thus, a pressing open problem in these systems is how to allow users to grant applications access to user-owned resources spanning different isolation boundaries, defined as privacy-and cost-sensitive devices and sensors (such as the camera, GPS, or SMS capabilities), system services and settings (such as the contact list or clipboard), and user content stored with various applications (such as photos or documents). To address this problem, we propose user-driven access control, whereby the system captures user intent via authentic user actions in the context of applications.
In particular, we introduce access control gadgets (ACGs)
as an operating system technique to capture user intent. Each user-owned resource exposes UI elements called ACGs for applications to embed. The user s authentic UI interactions with an ACG grant the embedding application permission to access the corresponding resource. Our design ensures the display integrity of ACGs, resists tampering by malicious applications, and allows the system to translate authentic user input on the ACGs into permissions.
The ACG mechanism enables a permission granting system that minimizes unintended access by letting users grant permissions at the time of use (unlike the manifest model)
and minimizes the burden on users by implicitly extracting a

Modern client platforms, such as iOS, Android, Windows
Phone, Windows 8, and web browsers, run each application in an isolated environment with limited privileges. A pressing open problem in such systems is how to allow users to grant applications access to user-owned resources, e.g., to privacyand cost-sensitive devices like the camera or to user data residing in other applications. A key challenge is to enable such access in a way that is non-disruptive to users while still maintaining least-privilege restrictions on applications.
In this paper, we take the approach of user-driven access control, whereby permission granting is built into existing

Les promotions



MatrixExplorer: Un système pour l'analyse exploratoire de ... - Microsoft
MatrixExplorer: Un système pour l'analyse exploratoire de ... - Microsoft
22/05/2017 - www.microsoft.com
MatrixExplorer: Un système pour l analyse exploratoire de réseaux sociaux Nathalie Henry Jean-Daniel Fekete INRIA Futurs/LRI/University of Sydney Bât 490, Université Paris-Sud 91405 Orsay Cedex Nathalie.Henry@lri.fr INRIA Futurs/LRI Bât 490, Université Paris-Sud 91405 Orsay Cedex Jean-Daniel.Fekete@inria.fr RESUME ABSTRACT Dans cet article, nous présentons le système MatrixExplorer destiné à explorer des réseaux sociaux. Il a été conçu pour des chercheurs en sciences sociales...

MSR Quantum applications - Microsoft
MSR Quantum applications - Microsoft
23/08/2018 - www.microsoft.com
( What Can We Do with a Quantum Computer? ( Matthias Troyer  Station Q, ETH Zurich | 1 Classical computers have come a long way Antikythera mechanism ENIAC astronomical positions (1946) (100 BC) Kelvin s harmonic analyzer prediction of tides (1878) Difference Engine (1822) Is there anything that we cannot solve on future supercomputers? Titan, ORNL (2013) Matthias Troyer | | 2 How long will Moore s law continue? Do we see signs of the end of Moore s law? Can we go below 7nm...

Vers une approche simplifiée pour introduire le caractère ... - Microsoft
Vers une approche simplifiée pour introduire le caractère ... - Microsoft
23/11/2017 - www.microsoft.com
See discussions, stats, and author profiles for this publication at: https://www.researchgate.net/publication/262881208 Vers une approche simplifiée pour introduire le caractère incrémental dans les systèmes de dialogue Conference Paper · July 2014 CITATION READS 1 26 3 authors, including: Hatim Khouzaimi Romain Laroche Orange Labs / Laboratoire Informatique d'Avi & Microsoft Maluuba 12 PUBLICATIONS 42 CITATIONS 58 PUBLICATIONS 185 CITATIONS SEE PROFILE All content following this page was uploaded by Hatim Khouzaimi on 28 April 2015. The user has requested enhancement of the downloaded file. SEE PROFILE 21ème...

DSCOVR: Randomized Primal-Dual Block Coordinate ... - Microsoft
DSCOVR: Randomized Primal-Dual Block Coordinate ... - Microsoft
23/08/2018 - www.microsoft.com
DSCOVR: Randomized Primal-Dual Block Coordinate Algorithms for Asynchronous Distributed Optimization lin.xiao@microsoft.com Lin Xiao Microsoft Research AI Redmond, WA 98052, USA weiyu@cs.cmu.edu Adams Wei Yu Machine Learning Department, Carnegie Mellon University Pittsburgh, PA 15213, USA qihang-lin@uiowa.edu Qihang Lin Tippie College of Business, The University of Iowa Iowa City, IA 52245, USA wzchen@microsoft.com Weizhu Chen Microsoft AI and Research Redmond, WA 98052, USA October 13,...

Entanglement and Rigidity in Percolation Models ... - Alexander Holroyd
Entanglement and Rigidity in Percolation Models ... - Alexander Holroyd
22/05/2017 - www.microsoft.com
 ''&'''''' '&'!' &'' &''&''''''' ' ' ''''''''''''"' ''#' '$'%&''&&'''*')'+'!',''-''''.')'+' '/ ')'0''1&''!''2 ''3 '4'6'5'8'7''9';':'=''§'H''£'Œ'X'© '’''“'”'','¾'K''‘''£'Œ'‹'“'”!’'8'’''Š''Œ''Š''›'ž'’'''£'Œ'ž'Š'­'Š',!’'8'’'''£!’'H'¥&`''œ'Š',!”''Š',!’'8'’'''£!’'H'™&'Œ'ž'“'”'¥&`'“'œ'™'H'“'œ'’'¸'¨'£'²'‹'¬''Ž'@'Ž&`'›'ž'Š',''œ'¨$i'›'ž'§'V'Š',''£'®%Ï'“'”!’'H'¥'H'»&`'’'' 'H'Š'­!”''Š'z''£!’'K'“'”!’'H'¥ 'Ž'£'$c'’'' 'H'Š','›'ž'Š$e'’''Š''Œ'!”''›'­'“'”'›'´''£'›'´''¢'Ž&`''œ''”'Ž'h'¤'‡'›','²'>'±''¥&`'Œ''t'§'H' '0'“'”!’'¯'’'' 'H'Œ''Š''Š'#'©'P'™'H'“'”!”''Š',!’'H'›'ž'“'”'Ž&`!’'H''£''¹'›''§'|''£'''Š'¼'“'”'›'Q'Š',!’'8'’'.''£!’'K'¥&`''”'Š''™ '“'«''´'“'«'’'w''z''£!’'H!’'K'Ž'£'’$i'Ÿ'V'Š'0'R'n'§'H'¾'H''”''œ'Š','™'p''£'§'|'t'Œ'ž'’'zÏ&'¤'‡' 'K'Š',!’Ð'’'' 'H'Š''Š','™'H'¥&`'Š''›''t'Œ''Š'+'Œ''Š''¥'8''£'Œ''™'K'Š','™Ñ't'›$i'§'K' %Ï'¨'@'›'ž'“'”''z't''µ'''Ž&`!’%²'© !’'H'Š''''’''“'”'Ž&`!’'H'›$i!”&''£'™'H'Š''Ž'£''*'Š',''”''£'›'ž'’''“'”'t'²'0'±Ò'¥&`'Œ'''£'§'H' Ð'“'”'›$i'Œ''“'”'¥'£'“'”'™'p'“'œ''­'“'«'’$i''z''£!’'H!’'K'Ž'£'’'º'Ÿ'"'Š'1'R'n'™'H'Š'#''¢'Ž&`'Œ'!”''Š','™&Ï$c'¤'‡' 'H'Š'!’ '’'' 'H'Š'º'Š','™'K'¥&`'Š','›'w''£'Œ'ž'Š'º'Œ''Š''¥'8''£'Œ'ž'™'H'Š','™Ó''£'›'-'›''Ž&`''œ'“'”'™''Œ'ž'Ž%²'™'K'›'-'¤'‡' 'H'“'”''.' '…'',''£!’'…'§'H'“'«'¶&`'Ž'£'’'w''F'’'-'’'' 'K'Š''¶&`'Š''Œ'ž'’''“'œ'','Š''›','²$i'·'*' 'H'Š','›'ž'Š '“'œ!’%Ï'’''¾'H'“'œ'’''“'œ'¶'£'Š$e!’'H'Ž'£'’''“'”'Ž&`!’'H'›'­'¤'‡'“'œ''”'&'Ÿ'"'Š$e''¢'Ž&`'Œ'ž!”'¯''£''œ'“'”'›'ž'Š','™'0''‘''F'’''Š','Œ''² Ô'=!’'8'’'.''£!’'H'¥'£''”'Š',!”''Š',!’'8'’'''£!’'H'™'p'Œ''“'œ'¥&`'“'”'™'H'“'«'’'¸'¨&c'“'œ!’'p'§'"'Š','Œ'ž'','Ž&`''”'t'’''“'œ'Ž&`!’'p''£'Œ''Š''Ž'£''´'“'”!’'8'’''Š''Œ''Š','›'X'’'''¢'Ž'£'Œ$i'›'ž'Š''¶'£'Š','Œ''t''Q'Œ'ž'Š'z''F'© '›'ž'Ž&`!’'H'›','²ÖÕ×'“'”'Œ''›'X'’'''«'¨&`'»'*'’'' 'H'Š'#'¨Ø' '|''z'¶&`'Š'p'“'”!”''§'"'Ž&`'Œ'ž'’'''£!’'8'’'...

1 Introduction - Microsoft
1 Introduction - Microsoft
11/04/2018 - www.microsoft.com
One-Way Accumulators: A Decentralized Alternative to Digital Signatures (Extended Abstract) Josh Benaloh Clarkson University Michael de Mare Giordano Automation Abstract This paper describes a simple candidate one-way hash function which satis es a quasi-commutative property that allows it to be used as an accumulator. This property allows protocols to be developed in which the need for a trusted central authority can be eliminated. Space-e cient distributed protocols are given for document time...

User-Driven Access Control: Rethinking Permission ... - CiteSeerX
User-Driven Access Control: Rethinking Permission ... - CiteSeerX
23/08/2018 - www.microsoft.com
User-Driven Access Control: Rethinking Permission Granting in Modern Operating Systems Franziska Roesner, Tadayoshi Kohno {franzi, yoshi}@cs.washington.edu University of Washington Alexander Moshchuk, Bryan Parno, Helen J. Wang {alexmos, parno, helenw}@microsoft.com Microsoft Research, Redmond Crispin Cowan crispin@microsoft.com Microsoft Abstract tionality and security for access to the user s data and resources. From a functionality standpoint, isolation inhibits the client-side manipulation...

A Large-Scale Study of the Evolution of Web Pages - Microsoft
A Large-Scale Study of the Evolution of Web Pages - Microsoft
23/08/2018 - www.microsoft.com
A Large-Scale Study of the Evolution of Web Pages Dennis Fetterly Hewlett Packard Labs 1501 Page Mill Road Palo Alto, CA 94304 dennis.fetterly@hp.com Mark Manasse Marc Najork Microsoft Research Microsoft Research 1065 La Avenida 1065 La Avenida Mountain View, CA 94043 Mountain View, CA 94043 manasse@microsoft.com najork@microsoft.com Janet Wiener Hewlett Packard Labs 1501 Page Mill Road Palo Alto, CA 94304 janet.wiener@hp.com ABSTRACT 1. INTRODUCTION How fast does the web change? Does most...
 
 

Legacy Warranty Card
Legacy Warranty Card
14/07/2024 - dl4.htc.com
Warranty Statement HTC End User License Agreement HTC Corporation No. 23, Xinghua Rd. Taoyuan City, Taoyuan County 330, Taiwan LIMITED WARRANTY STATEMENT This limited warranty shall apply to the HTC product (the Product ). HTC warrants that the product is at the time of its original purchase free of defects in materials and workmanship ( Limited Warranty ). This Limited Warranty is subject to the following terms and conditions: 1. This Limited Warranty is given only to the original purchaser...

HR ACM 847
HR ACM 847
20/03/2015 - docs.whirlpool.eu
HR ACM 847 1 HR 2 HR Min. 10 cm Min. 3 cm Max. 6 cm Min. 5 mm Min. 5 mm 1 2 3 3 3 HR Va~ne napomene o sigurnosti VA`A I SIGURNOST DRUGIH JE NA PRVOME MJESTU. Ove upute sadr~e sigurnosna upozorenja, a neka su naznaena i na samom ureaju. Pa~ljivo ih pro itajte i uvijek ih se pridr~avajte. Ovo je simbol opasnosti koji korisnika upozorava na potencijalan rizik. Sva sigurnosna upozorenja sadr~e ovaj simbol i sljede e pojmove: Ukazuje na opasnost koja mo~e izazvati ozbiljne...

Universal Dock - Support - Apple
Universal Dock - Support - Apple
27/11/2014 - manuals.info.apple.com
Universal Dock Using the Apple Universal Dock Congratulations on purchasing your Apple Universal Dock. You can use this Dock with any iPhone and iPod model with a dock connector and adapter. Here are the things you can do with your new Dock: ÂÂ Connect the Dock to your computer, and then place your iPod or iPhone in the Dock to charge the battery and sync content from iTunes (page 5). ÂÂ Connect the Dock to a power outlet (using the included Apple USB Power Adapter), and then place your...

Lfv184w Ir20 2
Lfv184w Ir20 2
21/06/2024 - www.vedette.fr
CALCUL DE L'INDICE DE RÉPARABILITÉ ET PRÉSENTATION DES PARAMÈTRES AYANT PERMIS DE L'ÉTABLIR Lave-linge FICHE D'INFORMATION À TRANSMETTRE AUX DEMANDEURS (cf. Article L. 541-9-2 du Code de l'environnement) 02/02/2021 Brandt Rueil France LFV184W Date du calcul Nom ou marque commerciale du fournisseur Adresse du fournisseur Référence du modèle donnée par le fournisseur Critère Sous-critère Note du souscritère sur 10 Coefficient Note du du sous critère sur 20 critère CRITÈRE 1...

offerts - Top Office
offerts - Top Office
04/01/2018 - www.brother.fr
Les Du 1er août au 31 octobre 2016 Jusqu à 140 ¬ REMBOURSÉS +3 ANS DE GARANTIE OFFERTS sur une sélection de références (1) Gamme LASER COULEUR Gamme LASER MONOCHROME DCP-1512A MFC-1910W DCP-L2540DN MFC-L2700DW DCP-L8400CDN Gamme JET D ENCRE MFC-J6520DW MFC-J6920DW *Catégorie Solution d impression  Étude Inference Operations  Viséo Conseil  mai à juillet 2015  Plus d infos sur : www.escda.fr. (1) Voir conditions de l offre au dos

5019 307 00411 AWZ 750 S SNABBGUIDE
5019 307 00411 AWZ 750 S SNABBGUIDE
20/03/2015 - docs.whirlpool.eu
S AWZ 750 SNABBGUIDE Läs också noggrant igenom: bruksanvisningen och installationsmanualen. Tillvalsfunktioner Rekommenderade tidsinställningar Skonprogram Minskar torkeffekten (rekommenderas för ömtåliga material) Torktider Maximal tvättmängd Centrifugeringshastighet Tvättmaskin På Bomull Varv/minut 800 Varv/minut 1000 Varv/minut 1200 Kg 105  140  Skåptorrt plus - 80  115